Figure 1-2depicts the relevant tasks in a life-cycle overview for endpoint protection. All of the topics discussed in this chapter are represented at some point in this life cycle.

Policy Development and Assurance

Asset protection, privacy and reputation protection,

and regulatory compliance

Privacy:

Control:

Secure Connectivity & Data

Trust & Identity

Confidential delivery of

Manage users and

applications, voice,

devices in accordance

data, and transactions

with security policy

Protection:

Infrastructure:

Threat Defense

Secure Systems & Networks

Minimize and manage

Leverage core networking,

software, and systems

both known and

capabilities to address

unknown threats

security issues

 

Secure Monitoring and Management

Realize security policy through

integrated network, device, and security management

Figure 1-2 Integrated endpoint protection

When an organization is responsible for maintaining and protecting customer data, it must create measures to ensure policy compliance by all involved systems on an automated and regular basis. Failure to meet this objective has resulted in significant exposure and many lawsuits have been lost. It is better to seem security-paranoid than to be ignorant.

More information about security compliance can be found in the IBM Redbook Deployment Guide Series: IBM Tivoli Security Compliance Manager, SG24-6450.

1.7 Conclusion

Organizations are constantly looking to maintain compliance status with their corporate security policy for both inter-company and intra-company interactions. Production losses and inefficiencies, and therefore substantial financial losses, have resulted from noncompliance. Laws and government regulations such as

10Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

Page 27 Page 29
Page 28
Image 28
IBM Tivoli and Cisco manual Conclusion, Policy Development and Assurance
Page 27 Page 29
Top Page Image Contents